package org.example.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

@Controller
public class FirstController {

    @GetMapping("/first")
    @ResponseBody
    @PreAuthorize(value = "hasAnyRole('admin')")
    public String first(){
        return "first";
    }

    @GetMapping("/second")
    @ResponseBody
    @PreAuthorize(value = "hasAnyRole('normal')")
    public String second(){
        return "second";
    }


    @PostMapping("/index")
    public String index() {
        return "redirect:/index.html";
    }

    @PostMapping("/fail")
    public String fail() {
        return "redirect:/failure.html";
    }
}
